Three key ransomware actors changed jobs on October 18 • The Register

October 18, 2021, was a tricky day for the ransomware industry. First, the gang that ran the REvil ransomware had its servers compromised, and then three individuals with key roles changed jobs.

That version of history was told today by Juan Antonio Velasco – a cybersecurity analyst at Spanish financial services giant Santander Group. Speaking at CyberCrimeCon 21, an event convened by threat-hunting and security software company Group-IB, Velasco’s talk tracked the recent career moves of four ransomware actors named Orange, MRT, Kajit and 999.

All have been active on various crime forums for some time. Orange served as the main administrator on a Russia-centric forum called Ramp. He or she reported details of the ransomware gang Babuk’s activities after the group infamously infected The Metropolitan Police Department of Washington DC in April 2021.

999 was Ramp’s forum moderator. Kajit also performed some moderation duties and was active on rival forums such as and

They all changed jobs on October 18. Orange, MRT, and 999 decided to go private, while Kajit was named the admin of Ramp. Velasco’s analysis of traffic on crime forums suggests he or she now has a line of contact to the masters of the REvil ransomware once enjoyed by Orange. Kajit has also launched a redesign of Ramp.

Ramp has recently started to court Chinese actors, in addition to its usual Russian-and-English-speaking clientele. Velasco was unable to explain why that’s happened, but thought the increasing interaction between Russian and Chinese actors was notable.

He also noted that October 18 is the day REvil’s servers went offline – but didn’t explicitly link the change of gigs to the (possible) demise of the (probably) Russian gang.

The researcher discussed the job moves in the context of his probes of how ransomware groups operate an increasingly sophisticated and diverse supply chain. Velasco said labor is now divided…


Cybersecurity jobs in Government Agencies


As technology continues to play a fundamental role in our day-to-day lives, it’s critical to protect the digitization we use, including data, applications, networks, and devices. It becomes crucial to educate technology end-users about the steps they should take to keep themselves safe. Cybersecurity jobs allow individuals to help government agencies and private organizations protect their information and assets from a broad range of cyberattacks.

With attacks like ransomware, malware, social engineering, and more on the rise, virtually every major company and government department rely on a trained team of specialists to help prevent loss from cybercrimes. Cyber Security Specialist, Cyber Threat Analyst, Network Security Engineer, Cyber Security Analyst, and more are crucial cybersecurity jobs.

Here is the list of the top 10 cybersecurity jobs in Government Agencies across the globe:


Cyber Security Specialist- The USA Department of State

As a cyber security specialist, your role will be to ensure that systems are continuously monitored to include the latest patch levels and for compliance with configuration guidance. Also, review the emerging threat and vulnerability notifications as part of the monitoring phase, and create risk-based security notifications whenever new vulnerabilities are discovered, or new threats emerge. Report IT security incidents (including computer viruses) in accordance with established procedures and serve as an information security advisor for annual reviews for all agencies on audits. As a cyber security specialist, you will also work closely with the regional system administrators in their regions to share information on systems issues. It is one of the best cybersecurity jobs currently available in the world.


Cyber Threat Analyst– CIA

As a Cyber Threat Analyst at the CIA, you will conduct all-source analysis, digital forensics, and targeting to identify, monitor, and counter threats posed by foreign cyber actors against the USA information systems, critical infrastructure, and cyber-related interests. Analysts will apply their scientific and technical knowledge to solve complex intelligence problems, produce short-term and long-term written…


Three really cool jobs to apply for this week

If you’re looking for a new job, you have very much come to the right place. Our job board is seeing loads of extra traffic at the moment, so it’s a great time to put out some applications if you are seeking a change. Check out these exciting roles, as a taster of the kinds of roles open right now…

Senior Security Engineer, Detection & Response, Airbnb

Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to core values to achieve this goal. Airbnb’s various functions embody the company’s innovative spirit and their fast-moving team is committed to leading as a 21st century company.

🏆 Meet the 20 EIT Digital finalists!

Get to know the amazing finalists here

Get to know the amazing finalists here Show Less

The Computer Security Incident Response Team (CSIRT) at Airbnb is focused on automating security detection, responding to security incidents, and working with partner teams to build capabilities that support the incident lifecycle. This is the front-line team that detects, investigates, and responds to security threats and malicious activity.

While the team is not new, they are now at a point of increasing scope. This is a key senior role to define and execute a vision for threat detection and incident response capabilities and process while mentoring other team members. As a senior engineer on the team, you will have direct impact building, optimising, and growing securing capabilities as you help deliver world-class threat detection and incident response.

The ideal candidate will have 5+ years of hands-on technical experience in security engineering, systems engineering, software engineering, network engineering, or privacy engineering. 3+ of those years of experience in incident response including host and cloud forensics, incident management, threat intelligence, threat hunting, and/or security detection.

Backend Engineer, Jobbio

Jobbio is looking for a great API developer who is proficient with Django REST Framework. You will work alongside other developers to build business logic and features into the existing API. You will also be responsible…


Cybersecurity jobs protecting government and business in high demand

Madison Cyber Labs at Dakota State University help students study and work through data.

As people consider careers or new options in work, high-paying jobs in traditional fields like health may come to mind, but one industry is prospering off of protecting the data of others.

Cybersecurity, the protection of computer systems and networks, is emerging as a promising industry in South Dakota with more than enough jobs. The issue? There aren’t enough faculty to train people to fill that work.

From 100% job placement for some graduates to millions in funding for local cybersecurity startups, there’s a small local network that reaches thousands of clients popping up in South Dakota — and graduates who are in high demand.

But the industry is small now and has an unsure future ahead if it can’t keep up. Right now Dakota State University’s acceptance rate is 21% for its PhD programs including that in cybersecurity, on par with a public Ivy league for 2021, for computer sciences.